Computer Users Were Unprepared for Blaster
An e-mail survey from the Information Technology Association of America (ITAA) and Brainbench Inc. showed that many users were not ready to ward off the Blaster worm prior to the recent attack. More than 40 percent of the 2,000 computer users surveyed reported said that they had not taken steps, like downloading the available patch, to ward off the worm, also known as LovSan. In addition, one in five of these users said they do not perform routine cyber-hygiene tasks at all.
The survey respondents were drawn from a poll of 50,000 Brainbench customers around the world. Around 50 percent of respondents work in the United States, and 53 percent said they perform computer or IT-related jobs. Because so many of the survey respondents work in IT-related positions, it is likely that far more people found themselves unprepared when the worm struck.
According to Harris N. Miller, president of ITAA, the survey makes it all too obvious that people need to be far more aware of computer security issues. “Computers and networks are just as important to the nation’s economic infrastructure as generators and electrical grids,” said Miller. “Imagine if New Yorkers had had a warning and been given specific instructions for preventing the blackout several weeks in advance and simply ignored the information.”
Of the respondents, 55 percent said they, their company or a personal contact had been directly affected by the Blaster worm. Twenty-three percent said they don’t download software upgrades to prevent attacks on a regular basis, and 21 percent do not perform cyber-hygiene tasks like updating their anti-virus software. Forty-two percent did not download the fix provided on Microsoft’s Windows Update Web site before the Blaster worm hit. Education and awareness are part of the problem, with 70 percent of respondents reporting that their companies had not alerted them about the worm, asking them to download the upgrade.
See http://www.itaa.org for more information.
Emily Hollis is associate editor for Certification Magazine. She can be reached at firstname.lastname@example.org.